Page 2 of 15 FirstFirst 123412 ... LastLast
Results 11 to 20 of 142

Thread: YOU THERE!! Malicios script installed as a DEB, please read!

  1. #11
    Join Date
    Dec 2007
    Location
    Gainesville, Florida
    Beans
    Hidden!
    Distro
    Xubuntu 12.04 Precise Pangolin

    Re: YOU THERE!! Malicios script installed as a DEB, please read!

    this is from my earlier post just in case...

    Also you can whois mmowned.com and complain to the hosting company. Interesting I just looked up the hosting company and they advertise protection against DOS attacks.

  2. #12
    Join Date
    Dec 2009
    Beans
    114
    Distro
    Ubuntu 9.10 Karmic Koala

    Re: YOU THERE!! Malicios script installed as a DEB, please read!

    Quote Originally Posted by Enlightened Shadow View Post
    OMG I installed this earlier today. It hasn't done anything to me yet please tell me how to remove it!
    Go check /etc/profile.d and see if there is a "gnome.sh" there (a deceptive name!). If it is, post it here.

    It probably is not intended to do any harm to your system if it is for DoS stuff, but it could actually be for anything.
    (\ /)
    (O.o)
    (> <)
    This is Bunny. Copy Bunny into your signature to help him on his way to world domination.

  3. #13
    Join Date
    Jul 2009
    Location
    Dayton Ohio USA
    Beans
    1,069
    Distro
    Ubuntu 13.04 Raring Ringtail

    Re: YOU THERE!! Malicios script installed as a DEB, please read!

    What scares me is the fact that I've used GTK themes from this link before. Owners need to police content!

  4. #14
    Join Date
    Dec 2009
    Beans
    114
    Distro
    Ubuntu 9.10 Karmic Koala

    Re: YOU THERE!! Malicios script installed as a DEB, please read!

    Quote Originally Posted by pbrane View Post
    this is from my earlier post just in case...

    Also you can whois mmowned.com and complain to the hosting company. Interesting I just looked up the hosting company and they advertise protection against DOS attacks.
    mmowned.com could just as easily be a target, or a distraction.

    The real bad guy is this one:
    http://05748.t35.com
    Last edited by dmizer; December 9th, 2009 at 02:08 AM. Reason: removed hyperlinking
    (\ /)
    (O.o)
    (> <)
    This is Bunny. Copy Bunny into your signature to help him on his way to world domination.

  5. #15
    Join Date
    Dec 2009
    Beans
    114
    Distro
    Ubuntu 9.10 Karmic Koala

    Re: YOU THERE!! Malicios script installed as a DEB, please read!

    Quote Originally Posted by MooPi View Post
    What scares me is the fact that I've used GTK themes from this link before. Owners need to police content!
    The owner could not have been mistaken about the fact that that was not a screensaver.

    GTK themes are easy to write and might make a good trojan horse here, I'm still betting they are DoS wannabes.
    (\ /)
    (O.o)
    (> <)
    This is Bunny. Copy Bunny into your signature to help him on his way to world domination.

  6. #16
    Join Date
    Dec 2007
    Beans
    124

    Re: YOU THERE!! Malicios script installed as a DEB, please read!

    http://www.mmowned.com/forums/wow-scams/228194-wow-phishing-pack.html

    Look here guys

    Turns out it is a WoW fanboy... most important thing is to get the identity of this person and pull down the file

    he refers to the link in here.. of http://05748.t35.com/ script thing
    Last edited by dmizer; December 9th, 2009 at 02:09 AM. Reason: removed hyperlinking

  7. #17
    Join Date
    Oct 2009
    Location
    North Carolina US
    Beans
    54
    Distro
    Ubuntu 11.04 Natty Narwhal

    Re: YOU THERE!! Malicios script installed as a DEB, please read!

    Quote Originally Posted by akashiraffee View Post
    Go check /etc/profile.d and see if there is a "gnome.sh" there (a deceptive name!). If it is, post it here.

    It probably is not intended to do any harm to your system if it is for DoS stuff, but it could actually be for anything.

    Well it's too late for that now. I'm afraid that I just deleted that file. I hope I didn't mess up.
    Another day has passed and I'm just a little bit smarter.

  8. #18
    Join Date
    Aug 2006
    Location
    St. Louis, MO, USA
    Beans
    Hidden!

    Re: YOU THERE!! Malicios script installed as a DEB, please read!

    Nobody has said it yet, so I'm going to... A screen saver? Do people still use those?

  9. #19
    Join Date
    Dec 2007
    Beans
    124

    Re: YOU THERE!! Malicios script installed as a DEB, please read!

    Quote Originally Posted by akashiraffee View Post
    Go check /etc/profile.d and see if there is a "gnome.sh" there (a deceptive name!). If it is, post it here.

    It probably is not intended to do any harm to your system if it is for DoS stuff, but it could actually be for anything.
    all gnome.sh contains is

    /usr/bin/Auto.bash &

  10. #20
    Join Date
    May 2008
    Beans
    Hidden!

    Re: YOU THERE!! Malicios script installed as a DEB, please read!

    Concerning.

    The .deb should be safe to remove through standard tools. There is a postrm script, but it's apparently harmless:

    Code:
    #!/bin/sh
    set -e
    # Automatically added by dh_makeshlibs
    if [ "$1" = "remove" ]; then
            ldconfig
    fi
    # End automatically added section
    Delete these:

    /usr/bin/Auto.bash
    /usr/bin/run.bash
    /etc/profile.d/gnome.sh

    Make sure none of them are still running either. It seems to only trigger when gnome.sh is run.

    I sent an email through gnome-look.org's Report Abuse link.

Page 2 of 15 FirstFirst 123412 ... LastLast

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •